Windows Defender Errors — Antivirus Not Working or Updating
About Windows Defender Errors
Fix Windows Defender errors including service not starting, definition update failures (0x80070643), real-time protection disabled, and scan failures. This guide covers everything you need to know about this topic, including common causes, step-by-step solutions, and answers to frequently asked questions.
Here are the key things to understand: Windows Security / Defender may show 'Your virus & threat protection is managed by your organization'. Error 0x80070643: definition update failed during Windows Update. Real-time protection toggled off and grayed out usually means Group Policy or third-party AV conflict. Error 0x80073b01: Windows Defender service failed to start. Defender cannot run alongside most third-party antivirus products (except in passive mode). Understanding these fundamentals will help you diagnose and resolve this issue more effectively.
The most common reasons this occurs include: Third-party antivirus installed, disabling Defender automatically. Group Policy or registry settings disabling Windows Defender. Corrupted Windows Defender definitions or program files. Windows Security service (WinDefend) disabled or crashed. Malware specifically targeting and disabling Windows Defender. Identifying the root cause is the first step toward finding the right solution.
To resolve this, follow these recommended steps: Uninstall any third-party antivirus completely (use their removal tools for full cleanup). Check Group Policy: gpedit.msc > Computer Config > Admin Templates > Windows Components > Windows Defender > ensure 'Turn off' is Not Configured. Reset Defender via PowerShell: Get-AppxPackage Microsoft.SecHealthUI -AllUsers | Reset-AppxPackage. Manually update definitions: run elevated cmd > cd "%ProgramFiles%\Windows Defender" > MpCmdRun.exe -SignatureUpdate. Check WinDefend service: services.msc > Windows Defender Antivirus Service should be Running and Automatic. If these steps do not resolve the issue, consider consulting additional resources or a qualified professional.
This article is part of our Windows Error Codes collection on Error Codes Wiki. We provide comprehensive, up-to-date information to help you find solutions quickly.
Quick Answer
Why is real-time protection grayed out?
Either Group Policy disabled it, a third-party antivirus took over, or malware disabled it. Check all three in that order.
Overview
Fix Windows Defender errors including service not starting, definition update failures (0x80070643), real-time protection disabled, and scan failures.
Key Details
- Windows Security / Defender may show 'Your virus & threat protection is managed by your organization'
- Error 0x80070643: definition update failed during Windows Update
- Real-time protection toggled off and grayed out usually means Group Policy or third-party AV conflict
- Error 0x80073b01: Windows Defender service failed to start
- Defender cannot run alongside most third-party antivirus products (except in passive mode)
Common Causes
- Third-party antivirus installed, disabling Defender automatically
- Group Policy or registry settings disabling Windows Defender
- Corrupted Windows Defender definitions or program files
- Windows Security service (WinDefend) disabled or crashed
- Malware specifically targeting and disabling Windows Defender
Steps
- 1Uninstall any third-party antivirus completely (use their removal tools for full cleanup)
- 2Check Group Policy: gpedit.msc > Computer Config > Admin Templates > Windows Components > Windows Defender > ensure 'Turn off' is Not Configured
- 3Reset Defender via PowerShell: Get-AppxPackage Microsoft.SecHealthUI -AllUsers | Reset-AppxPackage
- 4Manually update definitions: run elevated cmd > cd "%ProgramFiles%\Windows Defender" > MpCmdRun.exe -SignatureUpdate
- 5Check WinDefend service: services.msc > Windows Defender Antivirus Service should be Running and Automatic